CVE-2015-3395

Source
https://nvd.nist.gov/vuln/detail/CVE-2015-3395
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2015-3395.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2015-3395
Related
Published
2015-06-16T16:59:04Z
Modified
2024-09-11T02:00:06Z
Summary
[none]
Details

The msrledecodepal4 function in msrledec.c in Libav before 10.7 and 11.x before 11.4 and FFmpeg before 2.0.7, 2.2.x before 2.2.15, 2.4.x before 2.4.8, 2.5.x before 2.5.6, and 2.6.x before 2.6.2 allows remote attackers to have unspecified impact via a crafted image, related to a pixel pointer, which triggers an out-of-bounds array access.

References

Affected packages

Debian:11 / ffmpeg

Package

Name
ffmpeg
Purl
pkg:deb/debian/ffmpeg?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7:2.6.2-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / ffmpeg

Package

Name
ffmpeg
Purl
pkg:deb/debian/ffmpeg?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7:2.6.2-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / ffmpeg

Package

Name
ffmpeg
Purl
pkg:deb/debian/ffmpeg?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7:2.6.2-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}